Oct 2021 – Sep 2024 · 2 yrs 11 mos · United States · Remote

• Architected and hardened cloud (AWS) workloads: least-privilege IAM, VPC segmentation (security groups/NACLs), encryption at rest/in transit, logging/monitoring and automated alerting; implement WAF and native threat-detection services.
• Led advanced malware analysis & reverse engineering (static/dynamic); developed YARA signatures and MITRE ATT&CK-mapped detections to strengthen SIEM/XDR coverage.
• Conducted vulnerability assessments & penetration testing, prioritising findings by risk and business impact; delivered clear remediation roadmaps to owners.
• Directed digital forensics (evidence acquisition/preservation, disk & email artefacts) with defensible reporting for incident response and legal/regulatory needs.
• Operated threat detection at scale: correlated telemetry from SIEM/IDS/IPS/firewalls, tuned playbooks, reduced noise, and improved response effectiveness.
• Implemented data protection for sensitive datasets across storage and databases; enforced access governance and key management.
• Delivered client-facing solutions end-to-end: workshops, POCs, demos, deployment & handover; aligned designs to ISO 27001, PCI DSS, GDPR, Cyber Essentials with runbooks and assurance artefacts.
• Modernised identity for a biotech client with Directory-as-a-Service, improving access governance, reliability, and user experience.
• Championed security-by-design and continuous improvement: create detection content/playbooks, stand up KRIs/KPIs dashboards, and coach engineering teams

Jul 2019 – Aug 2021 · 2 yrs 1 mo

• Designed and operationalised Network Access Control (NAC) with Zero Trust principles; integrated with directory services and SIEM to enforce posture-based access, BYOD/guest onboarding, and least-privilege segmentation.
• Built the SOC & Threat Intelligence operating model, aligning detections to risk scenarios and producing clear executive reporting and KRIs/KCIs.
• Skybox Security Suite: delivered exposure-based network modelling & attack-path analysis, firewall policy optimisation & rule recertification, and change-risk scoring integrated with change workflows to prioritise remediation.
• Managed firewall governance & micro-segmentation across hybrid estates—risk-based change control, standardised ACL baselines, and network zoning to reduce lateral movement.
• Directed exposure/vulnerability management as a governance programme (not just scans): business-impact prioritisation, remediation sprints, owners & deadlines, and evidence packs for assurance.
• Partnered with OEMs and regional clients (e.g., Cisco, Portnox, Sophos) to tailor NAC/Zero Trust solutions for African enterprise environments; delivered workshops, POCs and enablement to embed security-by-design.
• Ensured alignment to ISO 27001, NIST CSF, PCI DSS, GDPR, MITRE ATT&CK/OWASP; produced auditable artefacts and concise risk narratives for senior stakeholders.

Mar 2016 – Jun 2019 · 3 yrs 3 mos

• Managed and maintained a complex server estate (physical/virtual servers, storage, network devices), ensuring resilience, security and performance.
• Configured and operated Cisco routers/switches, optimising LAN/WAN performance and ensuring high availability; applied deep knowledge of OSI, TCP/IP, BGP, OSPF, EIGRP and VLANs to design robust architectures.
• Implemented perimeter & infrastructure security: firewall rule governance, access controls, and segmentation to protect critical services from cyber threats.
• Established endpoint/server hardening & patch management for 5,000+ endpoints and core infrastructure; improved SLA compliance and reduced vulnerability exposure windows.
• Re-architected Active Directory & authentication (Group Policy baselines, privileged access controls, password policy uplift); rolled out MFA/SSO roadmap; cut unauthorised access incidents by 36%.
• Built and tested disaster recovery & backup strategies for virtualised environments (VMware/Hyper-V), strengthening continuity posture.
• Secured data platforms (e.g., MySQL, file systems) with role-based access, encryption, monitoring and periodic audit reviews.
• Delivered operational monitoring, troubleshooting and incident handling for network/platform services; authored SOPs and supported secure service deployments

Dec 2015 – Feb 2016 · 2 mos

• Reviewed design requirements and identified appropriate material to use in the development of solutions.
• Designed the electrical and mechanical fittings of buildings with Autocad.
• Integrated environment, health and safety regulations into process design and work practices to alleviate risk.
• Coordinated technical development, scheduling and problem-solving for engineering design and test problems.

Nov 2011 – Jan 2012 · 2 mos

• Read and interpreted blueprints, diagrams, and schematics to correctly coordinate work
• Coordinated materials delivery and organization to maintain the smooth flow of work.
• Checked work quality and compliance with design specifications.
• Monitored installation and operations to consistently meet rigorous customer requirements.
• Performed load calculation for sizing wire and circuit protection.
• Applied principles of electrical theory to advance and improve product development and efficiency.